Data is information, the raw material from which statistics are created. Statistics are interpretations of the data, providing valuable insights and conclusions about a particular subject. Using the right data hk can help businesses make informed decisions, increase productivity and improve customer service. Data hk can come from primary observations in the field or secondary sources such as published reports. This information can be combined into statistics for business use or policy formation by government agencies.
Whether or not the data hk is collected from customers, employees, competitors or other sources, it is vital to understand data privacy regulations that are imposed on personal data transfers. Padraig Walsh from the Tanner De Witt data privacy team discusses some key points to note.
The first question to ask is what constitutes personal data. This is defined by the Hong Kong Personal Data (Privacy) Ordinance (“PDPO”) as “personal data which relates to an identifiable individual”. The definition is more broad than that of the EU’s General Data Protection Regulation, meaning that it includes almost all kinds of information that can be used to identify a person.
Aside from the definition of personal data, PDPO provides several other important provisions that need to be taken into account. For example, a data user must expressly inform a data subject on or before collecting his personal data of the purposes for which the data is being collected and the classes of persons to whom the personal data may be transferred. This is commonly referred to as the PICS obligation and is one of the core data user obligations.
Once the data has been collected, it cannot be used for a new purpose without the express consent of the data subject. This can be obtained either through a renewed PICS or by giving the prescriptive consent notified in DPP3.
Aside from its core duties of ensuring adherence to the PDPO, the PCPD has also actively participated in international privacy-related initiatives. These engagements allow the PCPD to stay abreast of developments in data privacy law and policy outside of Hong Kong, and can better shape its own policies in accordance with global best practice. Moreover, they also facilitate the exchange of ideas and knowledge with other privacy authorities around the world and contribute to the development of data protection standards both in and outside Hong Kong. This is especially true as a number of jurisdictions are developing their own data privacy laws, including the EU’s GDPR.